SplitLoader (9a20c7f3-4e17-4a79-994a-c577afef5c72)

SplitLoader is an intermediate-stage malware used by the North Korean threat actor Moonstone Sleet mainly for payload execution purposes. It is also capable of performing system reconnaissance.[Microsoft Security Blog 5 28 2024]

| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
| --- | --- | --- | --- | --- |
| Moonstone Sleet (33a5fa48-89ee-5c0b-9c9c-e0ee69032fca) | Tidal Groups | SplitLoader (9a20c7f3-4e17-4a79-994a-c577afef5c72) | Tidal Software | 1 |
| SplitLoader (9a20c7f3-4e17-4a79-994a-c577afef5c72) | Tidal Software | Moonstone Sleet (Deprecated) (3b8a2c50-5d8e-49b4-bd50-10ae66ca6c72) | Tidal Groups | 1 |